apps/enc.c: avoid signed integer overflow on bufsize assignment

The calculated option value, while being long-typed, is not checked for fitting into int-sized bufsize. Avoid overflow by throwing error if it is bigger than INT_MAX and document that behaviour. Fixes: 7e1b748570 "Big apps cleanup (option-parsing, etc)" Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1665149 References: https://github.com/openssl/project/issues/1362 Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/28405)
2025-09-01 14:05:33 +02:00 · 2025-09-01 14:05:33 +02:00 · eb851cc1fb
parent a1cdea4907
commit eb851cc1fb
2 changed files with 3 additions and 0 deletions
--- a/apps/enc.c
+++ b/apps/enc.c
@ -260,6 +260,8 @@ int enc_main(int argc, char **argv)
                goto opthelp;
            if (k)
                n *= 1024;
+            if (n > INT_MAX)
+                goto opthelp;
            bsize = (int)n;
            break;
        case OPT_K:
--- a/doc/man1/openssl-enc.pod.in
+++ b/doc/man1/openssl-enc.pod.in
@ -196,6 +196,7 @@ or decryption.
 =item B<-bufsize> I<number>

 Set the buffer size for I/O.
+The maximum size that can be specified is B<2^31-1> (2147483647) bytes.

 =item B<-nopad>